
package cup.common.config;


import cup.core.secure.registry.SecureRegistry;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.CorsRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

/**
 * Blade配置
 *
 * @author
 */
@Configuration
public class CupConfiguration implements WebMvcConfigurer {

	/**
	 * 安全框架配置 白名单配置地址
	 */
	@Bean
	public SecureRegistry secureRegistry() {
		SecureRegistry secureRegistry = new SecureRegistry();
		secureRegistry.setEnabled(true);
		secureRegistry.excludePathPatterns("/cup-auth/**");
		secureRegistry.excludePathPatterns("/cup-system/menu/routes");
		secureRegistry.excludePathPatterns("/cup-system/menu/auth-routes");
		secureRegistry.excludePathPatterns("/cup-system/menu/top-menu");
		secureRegistry.excludePathPatterns("/cup-system/tenant/info");
		secureRegistry.excludePathPatterns("/cup-system/dept/list");
		secureRegistry.excludePathPatterns("/cup-flow/process/resource-view");
		secureRegistry.excludePathPatterns("/cup-flow/process/diagram-view");
		secureRegistry.excludePathPatterns("/cup-flow/manager/check-upload");
		secureRegistry.excludePathPatterns("/doc.html");
		secureRegistry.excludePathPatterns("/js/**");
		secureRegistry.excludePathPatterns("/webjars/**");
		secureRegistry.excludePathPatterns("/swagger-resources/**");
		secureRegistry.excludePathPatterns("/druid/**");
		secureRegistry.excludePathPatterns("/cmdb/**");
		secureRegistry.excludePathPatterns("/base/facility/push");
		secureRegistry.excludePathPatterns("/overview/**");
		//用于大屏数据展示
		secureRegistry.excludePathPatterns("/base/realtimewarning/page");
		//第三方登录
		secureRegistry.excludePathPatterns("/cup-auth/cqjgpt/**");
		//检测app最新版本
		secureRegistry.excludePathPatterns("/base/appversions/findNew");
		//文件下载白名单
		secureRegistry.excludePathPatterns("/common/file/**");

		return secureRegistry;
	}

	/**
	 * 跨域配置
	 */
	@Override
	public void addCorsMappings(CorsRegistry registry) {
		registry.addMapping("/cors/**")
			.allowedOrigins("*")
			.allowedHeaders("*")
			.allowedMethods("*")
			.maxAge(3600)
			.allowCredentials(true);
	}

}
